diff options
Diffstat (limited to 'railties/lib/rails/generators/rails/scaffold_controller')
3 files changed, 10 insertions, 2 deletions
diff --git a/railties/lib/rails/generators/rails/scaffold_controller/scaffold_controller_generator.rb b/railties/lib/rails/generators/rails/scaffold_controller/scaffold_controller_generator.rb index 7030561a33..8b46eb88ae 100644 --- a/railties/lib/rails/generators/rails/scaffold_controller/scaffold_controller_generator.rb +++ b/railties/lib/rails/generators/rails/scaffold_controller/scaffold_controller_generator.rb @@ -32,6 +32,14 @@ module Rails hook_for :helper, as: :scaffold do |invoked| invoke invoked, [ controller_name ] end + + private + + def permitted_params + params = attributes_names.map { |name| ":#{name}" }.join(", ") + params += attributes.select(&:attachments?).map { |a| ", #{a.name}: []" }.join + params + end end end end diff --git a/railties/lib/rails/generators/rails/scaffold_controller/templates/api_controller.rb.tt b/railties/lib/rails/generators/rails/scaffold_controller/templates/api_controller.rb.tt index 400afec6dc..bb26370276 100644 --- a/railties/lib/rails/generators/rails/scaffold_controller/templates/api_controller.rb.tt +++ b/railties/lib/rails/generators/rails/scaffold_controller/templates/api_controller.rb.tt @@ -54,7 +54,7 @@ class <%= controller_class_name %>Controller < ApplicationController <%- if attributes_names.empty? -%> params.fetch(:<%= singular_table_name %>, {}) <%- else -%> - params.require(:<%= singular_table_name %>).permit(<%= attributes_names.map { |name| ":#{name}" }.join(', ') %>) + params.require(:<%= singular_table_name %>).permit(<%= permitted_params %>) <%- end -%> end end diff --git a/railties/lib/rails/generators/rails/scaffold_controller/templates/controller.rb.tt b/railties/lib/rails/generators/rails/scaffold_controller/templates/controller.rb.tt index 05f1c2b2d3..82b43987b4 100644 --- a/railties/lib/rails/generators/rails/scaffold_controller/templates/controller.rb.tt +++ b/railties/lib/rails/generators/rails/scaffold_controller/templates/controller.rb.tt @@ -61,7 +61,7 @@ class <%= controller_class_name %>Controller < ApplicationController <%- if attributes_names.empty? -%> params.fetch(:<%= singular_table_name %>, {}) <%- else -%> - params.require(:<%= singular_table_name %>).permit(<%= attributes_names.map { |name| ":#{name}" }.join(', ') %>) + params.require(:<%= singular_table_name %>).permit(<%= permitted_params %>) <%- end -%> end end |